From 2e88422c861027fb0654bee342d5ae6866f3992b Mon Sep 17 00:00:00 2001 From: Pol Henarejos Date: Sat, 13 Aug 2022 00:50:22 +0200 Subject: [PATCH] Fix deleting KEK when a key is present in the key domain. Signed-off-by: Pol Henarejos --- src/hsm/sc_hsm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/hsm/sc_hsm.c b/src/hsm/sc_hsm.c index a35085b..43476ed 100644 --- a/src/hsm/sc_hsm.c +++ b/src/hsm/sc_hsm.c @@ -966,7 +966,7 @@ static int cmd_key_domain() { else if (p1 == 0x1 || p1 == 0x3 || p1 == 0x4) { //key domain setup if (p1 == 0x1 && apdu.nc != 1) return SW_WRONG_LENGTH(); - if (p1 == 0x3 || p1 == 0x4) { //if key domain is not empty, command is denied + if (p1 == 0x3) { //if key domain is not empty, command is denied for (int i = 0; i < dynamic_files; i++) { if (get_key_domain(&dynamic_file[i]) == p2) return SW_FILE_EXISTS();